Announcement

**MarkHargrove** · June 7, 2019, 11:47 PM

I've not read much of this thread, but just wanted to say you need to be aware that OpenVPN on pfSense really needs a CPU with AES-NI support (basically, hardware support for the encryption) or you'll find your VPN performance is pretty raggedy. We use pfSense and OpenVPN as the basis for our entire company's VPN infrastructure and we didn't really get good performance until we got mini-CPUs with AES-NI support. Many of the really cheap dual-ethernet boxes don't have that support, so just be aware.

**Pete** · June 8, 2019, 10:35 AM

Thank you Mark.

Yes this endeavor started with a search of that $100 hardware for use with PFSense that was small and compact and lite.

Personally here have used PFSense for many years at home. Never have used it for work endeavors.

Understood about CPU AES-NI. For family member it was a quest to get non dependant on the ISP hardware and monthly charges.

I did get this product for $70 which was a deal that I could not pass.

**Pete** · June 8, 2019, 05:26 PM

@Robert,

Took apart the firewall today and took some pictures of battery backup. Looks to be your standard 3VDC laptop battery backup with connector.

Looked on Amazon and see a bunch. Here is one for ~$8.79 or so. The connectors for these are all the same size.

New CMOS Battery 3V Lithium ML1220 RECHARGEABLE CMOS BATTERY With CABLE

**logbuilder** · June 8, 2019, 05:37 PM

Thanks Pete. I was under the (uninformed) impression that the connectors were somewhat unique. I'll try that one.

Robert

**Pete** · June 8, 2019, 05:55 PM

Looks the same as my Lenova laptops / HP laptops. Use little tweezers to attach the end to the motherboard. The plug is polarized and goes on only one way.

With the case being all metal noticed that it gets a bit warm. Checking temps see only 27° - 50° C which is OK.

**Pete** · June 9, 2019, 07:06 AM

BTW this is an endeavor to reduce the monthly cost of the ISP which was around $250 or so per month. A la carte replacement has been:

1 - Arris Gb modem ~ $50.00
2 - Ooma VOIP box - $60.00
3 - PFSense Firewall - $70.00
4 - 8 port Gb switch - $30.00
5 - Leviton mini media panel ==> $30 (new old stock)
6 - OTA TV (free)
7 - 4Gb DDR3 SODIMM - $17.00
8 - DIN mounting plate - $14.99
=========================
Total to date spent ==> $271.00

Current ISP monthly ==> $50.00

Switched over to DTV television package with one receiver.

Adding Roku box with Netflix / Amazon AOD or TVBox with KODI Ubuntu / 64gb MMC / ? SSD drive

11th of June, 2019

Three adds today...

4Gb DDR3 SODIMM - A-Tech 4GB DDR3 1600MHz PC3-12800 204-pin SODIMM Laptop Notebook Computer Memory RAM Module $17.00 (Amazon)
DIN mount plate to mount firewall and modem -VIVO Black Steel Arm Bracket Holder for Intel NUC - Back of Monitor VESA Metal Plate Mount Extension (MOUNT-VESA01) $14.99 (Amazon)
GPS with RS-232 with PPS - NEO-8M GPS Satellite Positioning Module for Arduino STM32 C51 $7.49

**Pervez2602** · July 9, 2019, 04:30 AM

Hi All, Just an update, my pfsense box is now well and truly on the back burner, hopefully pick it up in the winter months, to much to do in the garden, English weather is wrong! It's sunny.

**Richel** · October 29, 2019, 08:30 AM

Originally posted by Pete View Post

OK so purchased a Qotom Q310P cheap (< $100) to DIY build a PFSense firewall for a relative. Documenting the build over here:

PFSense on a Qotom Q310P mini PC computer

Where'd you get this so cheaply? By the way, if I had a second NIC via a USB dongle, does pfSense automatically recognize it, or do I somehow have to set that up with the OS?
Thanks. Elliott

**Pete** · October 29, 2019, 10:20 AM

Just searching on Ebay. It was an openbox with optional VGA port installed. It came from a Firewall vendor in CA. I was lucky.

It's been running fine. Have set up VPN to remote to the network as I have been using Teamviewer and prefer VPN.

Yes the BSD PFSense build with automagically see the USB NIC dongle even post installation.

**RoChess** · October 29, 2019, 10:26 AM

Pete do you have any experience with those little portable boxes that come pre-installed with OpenVPN client to automate the process of connecting to your home network when remote say at a hotel? Example: https://www.amazon.com/dp/B073TSK26W/

**Richel** · October 29, 2019, 10:29 AM

Originally posted by Pete View Post

Just searching on Ebay. It was an openbox with optional VGA port installed. It came from a Firewall vendor in CA. I was lucky.

It's been running fine. Have set up VPN to remote to the network as I have been using Teamviewer and prefer VPN.

Yes the BSD PFSense build with automagically see the USB NIC dongle even post installation.

Thanks, Pete.

**Pete** · October 29, 2019, 12:23 PM

do you have any experience with those little portable boxes that come pre-installed with OpenVPN client to automate the process of connecting to your home network when remote say at a hotel?

Yes here have hardware and OS modified these travel routers with OpenWRT. These (not all of them) have exposed GPIO pins for doing tinkering with.
You can configure these as WLAN or LAN routers with VPN. They do nicely for this.

That said last hotel visit here took one of my tabletop tablets with HSTouch on it and used VPN to call home. Worked great.

**Richel** · November 3, 2019, 12:02 PM

I just set up pfSense on a Beelink mini PC BT3 (https://www.amazon.com/gp/product/B0...?ie=UTF8&psc=1), which has a processor that will handle AES-NI for future versions of pfSense. The second NIC is a USB device. In order to load the program on this PC, you have to get to a prompt, at the initial menu screen and type in set hint.uart.0.disabled="1" [enter] and then type in set hint.uart.1.disable="1". Otherwise, it locks up in the process of installing. As suggested by Pete in an earlier message, I am playing with it on one computer first.

To implement it for my whole house, I need advice, because I am not that knowledgeable about networking and pfSense. The subnet through pfSense is 192.168.1.xx. Through my home router it is 192.168.0.xx. I have about 60 devices with 192.168.0.xx. What is the best way to deal with this situation, because I don't want to change the IP addresses of all my devices? I know that I can change the LAN IP address on pfSense. Would that be the best way? Thanks. Elliott

**Pete** · November 3, 2019, 03:48 PM

Change the Lan subnet on PFSense to match your subnet. Go with a static IP for the gateway one ip higher or lower that current gateway and shut off DHCP on the Lan of pfsense. Connect the wan port to your network and use dhcp from your regular lan. This way you can play without messing with your lan.

**Richel** · November 3, 2019, 04:33 PM

Originally posted by Pete View Post

Change the Lan subnet on PFSense to match your subnet. Go with a static IP for the gateway one ip higher or lower that current gateway and shut off DHCP on the Lan of pfsense. Connect the wan port to your network and use dhcp from your regular lan. This way you can play without messing with your lan.

Thanks, Pete.
Before I can do this, I need to resolve an issue, which is the gateway frequently going offline. From a search of the web, it has happened to others, too. I need to review the videos, the links to which you provided, to go through the details of the setup via the GUI. There may be some setting that could fix my problem. Elliott

Announcement

PFSense Firewall Group purchase interest

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment